diff options
| author | Hiroki Sato <hrs@FreeBSD.org> | 2018-04-04 04:21:19 +0000 |
|---|---|---|
| committer | Hiroki Sato <hrs@FreeBSD.org> | 2018-04-04 04:21:19 +0000 |
| commit | d684f11da759490a8d98d7b790796106285f4084 (patch) | |
| tree | 27b7356df710fdf1440fe2c23154b8121e99f2ab /lib/gssapi/krb5/verify_mic.c | |
| parent | f52d4664e3f68828c06f85bfc1afa271e3e04713 (diff) | |
Import Heimdal 7.5.0.vendor/heimdal/7.5.0
Notes
Notes:
svn path=/vendor-crypto/heimdal/dist/; revision=331978
svn path=/vendor-crypto/heimdal/7.5.0/; revision=331979; tag=vendor/heimdal/7.5.0
Diffstat (limited to 'lib/gssapi/krb5/verify_mic.c')
| -rw-r--r-- | lib/gssapi/krb5/verify_mic.c | 32 |
1 files changed, 15 insertions, 17 deletions
diff --git a/lib/gssapi/krb5/verify_mic.c b/lib/gssapi/krb5/verify_mic.c index 3814ef7062c1..9968ce403ef7 100644 --- a/lib/gssapi/krb5/verify_mic.c +++ b/lib/gssapi/krb5/verify_mic.c @@ -254,15 +254,11 @@ retry: krb5_crypto_destroy (context, crypto); ret = krb5_crypto_init(context, key, ETYPE_DES3_CBC_SHA1, &crypto); - if (ret){ - *minor_status = ret; - return GSS_S_FAILURE; - } - - ret = krb5_verify_checksum (context, crypto, - KRB5_KU_USAGE_SIGN, - tmp, message_buffer->length + 8, - &csum); + if (ret == 0) + ret = krb5_verify_checksum(context, crypto, + KRB5_KU_USAGE_SIGN, + tmp, message_buffer->length + 8, + &csum); free (tmp); if (ret) { krb5_crypto_destroy (context, crypto); @@ -289,7 +285,6 @@ _gsskrb5_verify_mic_internal { krb5_keyblock *key; OM_uint32 ret; - krb5_keytype keytype; if (ctx->more_flags & IS_CFX) return _gssapi_verify_mic_cfx (minor_status, ctx, @@ -304,9 +299,11 @@ _gsskrb5_verify_mic_internal return GSS_S_FAILURE; } *minor_status = 0; - krb5_enctype_to_keytype (context, key->keytype, &keytype); - switch (keytype) { - case KEYTYPE_DES : + + switch (key->keytype) { + case KRB5_ENCTYPE_DES_CBC_CRC : + case KRB5_ENCTYPE_DES_CBC_MD4 : + case KRB5_ENCTYPE_DES_CBC_MD5 : #ifdef HEIM_WEAK_CRYPTO ret = verify_mic_des (minor_status, ctx, context, message_buffer, token_buffer, qop_state, key, @@ -315,13 +312,14 @@ _gsskrb5_verify_mic_internal ret = GSS_S_FAILURE; #endif break; - case KEYTYPE_DES3 : + case KRB5_ENCTYPE_DES3_CBC_MD5 : + case KRB5_ENCTYPE_DES3_CBC_SHA1 : ret = verify_mic_des3 (minor_status, ctx, context, message_buffer, token_buffer, qop_state, key, type); break; - case KEYTYPE_ARCFOUR : - case KEYTYPE_ARCFOUR_56 : + case KRB5_ENCTYPE_ARCFOUR_HMAC_MD5: + case KRB5_ENCTYPE_ARCFOUR_HMAC_MD5_56: ret = _gssapi_verify_mic_arcfour (minor_status, ctx, context, message_buffer, token_buffer, @@ -338,7 +336,7 @@ _gsskrb5_verify_mic_internal OM_uint32 GSSAPI_CALLCONV _gsskrb5_verify_mic (OM_uint32 * minor_status, - const gss_ctx_id_t context_handle, + gss_const_ctx_id_t context_handle, const gss_buffer_t message_buffer, const gss_buffer_t token_buffer, gss_qop_t * qop_state |